package com.bridgeintelligent.tag.webserver.security;

import com.bridgeintelligent.tag.constants.ExceptionCodes;
import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;
import org.springframework.stereotype.Component;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

@Component
public class PermsFilterDefinition extends FilterDefinition {

    public PermsFilterDefinition() {
        setName("tagPerms");
        setFilter(new PermsFilter());
    }

    public static class PermsFilter extends PermissionsAuthorizationFilter {

        @Override
        protected boolean onAccessDenied(ServletRequest request, ServletResponse response) {
            throw new AuthenticationException(ExceptionCodes.SECURITY_50006);
        }
    }
}
